Date:      Thu, 8 May 2003 09:34:47 -0400
From:      "Adam Maas" <mykroft@explosive.mail.net>
To:        "Wayne Swart" <fixx@fixx.co.za>, "FreeBSD Mailing list" <freebsd-questions@freebsd.org>
Subject:   Re: ipfw + natd
Message-ID:  <005501c31566$98052f70$7419cdcd@ticking>
References:  <20030508142730.V8587-100000@gemini.fixx.co.za>

-----
From: "Wayne Swart" <fixx@fixx.co.za>
To: "FreeBSD Mailing list" <freebsd-questions@freebsd.org>
Sent: Thursday, May 08, 2003 8:31 AM
Subject: ipfw + natd


> Lo
>
> I am running FreeBSD 4.8-RELEASE and have a problem with ipfw and natd.
>
> The two interfaces (dc0 and dc1) have the following IP setup.
>
> dc1 ip: 10.10.10.1
> dc0 ip: 196.x.x.x
>
> Now I can't do any requests through my box to "the outside" anymore, since
> I added a default to deny rule.
>
> I use the following ipfw rules for the NAT, but they do not seem to have
> any impact on the requests that have to go through it.
>
> ipfw add divert natd all from any to any via dc0 out keep-state
> ipfw add allow all from 10.10.10.0/24 to any via dc0 out keep-state
> ipfw add allow all from 10.10.10.0/24 to any via dc1 in keep-state
>
> Is there an easier way to troubleshoot this?
>

Could we see the results of an 'ipfw list'?

Sounds like the Default Deny rule is first rather than last on the list of
ipfw rules.

Adam
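
[Added example, not part of the original message or the thread.] The ordering problem suggested above can be checked mechanically: ipfw evaluates rules in ascending rule-number order, so a catch-all deny placed ahead of the divert and allow rules stops every packet before those rules are reached. The function name `shadowed_rules` and both sample listings are constructed for illustration; the listings only approximate the shape of `ipfw list` output, and option rendering varies by version.

```shell
#!/bin/sh
# Added example: report ipfw rules that sit behind an earlier catch-all deny.
# Reads `ipfw list` output on stdin and prints "<rule> shadowed-by <deny rule>".

shadowed_rules() {
    awk '
        # First rule of the exact form "NNNNN deny ip from any to any"
        # (no interface, direction or state options) blocks everything after it.
        blocker == "" && NF == 7 && $2 == "deny" &&
            ($3 == "ip" || $3 == "all") && $4 == "from" && $5 == "any" &&
            $6 == "to" && $7 == "any" { blocker = $1; next }

        # Any later numbered rule can never match. Rule 65535 is the built-in
        # default rule and is skipped, since it cannot be moved or removed.
        blocker != "" && $1 ~ /^[0-9]+$/ && $1 + 0 != 65535 {
            print $1 " shadowed-by " blocker
        }
    '
}

# Constructed listing: deny numbered ahead of the NAT and allow rules.
SAMPLE_BAD='00050 deny ip from any to any
00100 divert 8668 ip from any to any via dc0 out keep-state
00200 allow ip from 10.10.10.0/24 to any via dc0 out keep-state
00300 allow ip from 10.10.10.0/24 to any via dc1 in keep-state
65535 deny ip from any to any'

# Constructed listing: same rules with the deny numbered last.
SAMPLE_GOOD='00100 divert 8668 ip from any to any via dc0 out keep-state
00200 allow ip from 10.10.10.0/24 to any via dc0 out keep-state
00300 allow ip from 10.10.10.0/24 to any via dc1 in keep-state
65000 deny ip from any to any
65535 deny ip from any to any'

echo "deny first:"
printf '%s\n' "$SAMPLE_BAD" | shadowed_rules
echo "deny last:"
printf '%s\n' "$SAMPLE_GOOD" | shadowed_rules
```

On a live system the same function can be fed directly with `ipfw list | shadowed_rules`; empty output means no rule is hidden behind a catch-all deny.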


